Nginx TCP协议 多域名配置 80单独配置
1、第一步双台机器分别安装nginx
2、如IP分别
vim /etc/nginx/conf.d/default.conf 修改端口 去掉80
域名解析IP:10.10.1.100
中转IP:9.9.1.100
在解析IP配置NGINX
vim /etc/nginx/nginx.conf
在最后一行加入
stream {
server {
listen 443;
proxy_pass 9.9.1.100:6443;
}
server {
listen 80;
proxy_pass 9.9.1.100:6080;
}
}systemctl restart nginx
3、配置9.9.1.100 (SSL配置)
cd /etc/nginx
mkdir conf.d.tcp
vim /etc/nginx/nginx.conf (在最后一行加入)
stream {
map $ssl_preread_server_name $name {
include /etc/nginx/conf.d.tcp/*.conf;
}
server {
listen 6443;
ssl_preread on;
proxy_pass $name;
}
}在/etc/nginx/conf.d.tcp/下 (也可以每个域名单独的一个conf文件。文件名自定义即可(一般用域名))
vim domain.conf
ssl.uclouds.top 58.218.92.158:443; wechat.uclouds.top 58.218.92.22:443;
获取tcp IP的方法
stream {
log_format proxy '$remote_addr [$time_local] '
'$protocol $status $bytes_sent $bytes_received '
'$session_time "$upstream_addr" '
'"$upstream_bytes_sent" "$upstream_bytes_received" "$upstream_connect_time"';
access_log /var/log/nginx/tcp.log proxy;
map $ssl_preread_server_name $name {
test.uclouds.top local_backend;
}
upstream local_backend {
server 163.162.161.60:443;
}
server {
listen 443;
ssl_preread on;
proxy_protocol on;
proxy_connect_timeout 10s;
proxy_timeout 30s;
proxy_pass $name;
}
}获取TCP IP下nginx的方法
listen 443 ssl http2 proxy_protocol; set_real_ip_from 0.0.0.0/0; real_ip_header proxy_protocol;
3、配置9.9.1.100 (80端口配置)
在/etc/nginx/conf.d/下
vim domain.conf
server {
listen 6080;
server_name ssl.uclouds.top;
charset utf-8;
proxy_redirect off; #重定向url
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
location / {
proxy_pass http://58.218.92.158:80;
}
}server {
listen 6080;
server_name wechat.uclouds.top;
charset utf-8;
proxy_redirect off; #重定向url
proxy_set_header X-Real-IP $remote_addr;
proxy_set_header X-Forwarded-For $proxy_add_x_forwarded_for;
proxy_set_header Host $http_host;
location / {
proxy_pass http://58.218.92.22:80;
}
}重启后测试
systemctl restart nginx